US11563748B2ActiveUtilityA1
Setting application permissions in a cloud computing environment
Est. expiryAug 30, 2037(~11.1 yrs left)· nominal 20-yr term from priority
G06F 21/41H04L 63/105H04L 63/0815H04L 63/102G06F 21/00G06F 21/62
62
PatentIndex Score
0
Cited by
26
References
20
Claims
Abstract
Application permissions can be set in a cloud computing environment based on a user's authorization level in the cloud computing environment. For example, a system can determine that a user has a particular authorization level in a cloud computing environment. The system can determine that the user is to have particular permissions for a continuous integration tool by mapping the particular authorization level to the particular permissions. The system can then set a permission setting for the continuous integration tool to limit the user to the particular permissions.
Claims
exact text as granted — not AI-modifiedThe invention claimed is:
1. A system comprising:
a processing device; and
a memory device including instructions that are executable by the processing device for causing the processing device to perform operations including:
determining that a user has at least two authorization levels in a cloud computing environment;
selecting a highest authorization level for the user from among the at least two authorization levels, wherein selecting the highest authorization level comprises accessing a database that includes relationships between the user of the cloud computing environment and the at least two authorization levels for the user;
determining that the user is to have particular permissions for a software application by mapping the highest authorization level to the particular permissions;
authenticating the user with the software application, subsequent to the user logging in to the cloud computing environment; and
setting a permission setting for the software application to limit the user to the particular permissions, subsequent to authenticating the user with the software application.
2. The system of claim 1 , wherein a communication filter associated with the software application is configured to perform the operations.
3. The system of claim 1 , wherein the at least two authorization levels correspond to at least two projects in the cloud computing environment.
4. The system of claim 1 , wherein the particular permissions are a first set of permissions, and wherein the memory device further includes instructions that are executable by the processing device for causing the processing device to:
subsequent to an end of a preset amount of time since setting the permission setting in the software application, determine a new authorization level for the user in the cloud computing environment;
determine that the new authorization level for the user is different from the highest authorization level that was previously determined;
determine that the user is to have a second set of permissions for the software application by mapping the new authorization level to the second set of permissions, the second set of permissions being different from the first set of permissions; and
set the permission setting for the software application to limit the user to the second set of permissions.
5. The system of claim 1 , wherein the software application is a continuous integration tool configured to detect commits of source code for a software project by one or more programmers and responsively build and test the source code.
6. The system of claim 1 , wherein the software application is configured to execute within the cloud computing environment.
7. The system of claim 1 , wherein the software application includes the permission setting, and wherein the memory device further comprises program code that is executable by the processing device for causing the processing device to set the permission setting inside the software application to limit the user to the particular permissions.
8. The system of claim 1 , wherein the database is within the cloud computing environment.
9. A method comprising:
determining, by a processing device, that a user has at least two authorization levels in a cloud computing environment;
selecting, by the processing device, a highest authorization level for the user from among the at least two authorization levels in the cloud computing environment, wherein selecting the highest authorization level comprises accessing a database that includes relationships between the user of the cloud computing environment and the at least two authorization levels for the user;
determining, by the processing device, that the user is to have particular permissions for a software application by mapping the highest authorization level to the particular permissions;
authenticating, by the processing device, the user with the software application, subsequent to the user logging in to the cloud computing environment; and
setting, by the processing device, a permission setting for the software application to limit the user to the particular permissions, subsequent to authenticating the user with the software application.
10. The method of claim 9 , wherein a servlet filter associated with the software application is configured to implement the method.
11. The method of claim 9 , wherein the at least two authorization levels correspond to at least two projects in the cloud computing environment, and wherein the highest authorization level is for a specific project among the at least two projects.
12. The method of claim 9 , wherein the particular permissions are a first set of permissions, and further comprising:
subsequent to an end of a preset amount of time since setting the permission setting in the software application, determining a new authorization level for the user in the cloud computing environment;
determining that the new authorization level for the user is different from the highest authorization level that was previously determined;
determining that the user is to have a second set of permissions for the software application by mapping the new authorization level to the second set of permissions, the second set of permissions being different from the first set of permissions; and
setting the permission setting for the software application to limit the user to the second set of permissions.
13. The method of claim 9 , wherein the database is maintained by the cloud computing environment.
14. The method of claim 9 , wherein the software application includes the permission setting, and further comprising setting the permission setting inside the software application to limit the user to the particular permissions.
15. A non-transitory computer-readable medium comprising program code that is executable by a processing device for causing the processing device to perform operations comprising:
determining that a user has at least two authorization levels in a cloud computing environment;
selecting a highest authorization level for the user from among the at least two authorization levels in the cloud computing environment, wherein selecting the highest authorization level comprises accessing a database that includes relationships between the user of the cloud computing environment and the at least two authorization levels for the user;
determining that the user is to have particular permissions for a software application by mapping the highest authorization level to the particular permissions, the software application being executable within the cloud computing environment;
authenticating the user with the software application, subsequent to the user logging in to the cloud computing environment; and
setting a permission setting for the software application to limit the user to the particular permissions, subsequent to authenticating the user with the software application.
16. The non-transitory computer-readable medium of claim 15 , wherein the highest authorization level is an authorization level for a specific project in the cloud computing environment, and wherein the software application is a part of the specific project.
17. The non-transitory computer-readable medium of claim 15 , wherein the particular permissions include a first set of permissions, and further including program code that is executable by the processing device for causing the processing device to:
after a preset amount of time has passed since setting the permission setting in the software application, determine a new authorization level for the user in the cloud computing environment;
determine that the new authorization level for the user is different from the highest authorization level that was previously determined;
determine that the user is to have a second set of permissions for the software application by mapping the new authorization level to the second set of permissions, the second set of permissions being different from the first set of permissions; and
set the permission setting for the software application to limit the user to the second set of permissions.
18. The non-transitory computer-readable medium of claim 15 , wherein the software application is a continuous integration tool configured to detect commits of source code for a software project by one or more programmers and responsively build and test the source code.
19. The non-transitory computer-readable medium of claim 15 , wherein the software application includes the permission setting, and further comprising program code that is executable by the processing device for causing the processing device to set the permission setting inside the software application to limit the user to the particular permissions.
20. The non-transitory computer-readable medium of claim 15 , wherein the database is within the cloud computing environment.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.